Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2005-3677
HistoryNov 18, 2005 - 11:03 p.m.

CVE-2005-3677

2005-11-1823:03:00
mitre
web.nvd.nist.gov
29
cve-2005-3677
buffer overflow
realnetworks realplayer
remote code execution
image vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.458

Percentile

97.4%

JSON

Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. NOTE: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the vendor advisory implies that it is different.

Affected configurations

Nvd
Node
realnetworksrealplayerMatch10.0
OR
realnetworksrealplayerMatch10.5_6.0.12.1040
OR
realnetworksrealplayerMatch10.5_6.0.12.1053
OR
realnetworksrealplayerMatch10.5_6.0.12.1056
OR
realnetworksrealplayerMatch10.5_6.0.12.1059
OR
realnetworksrealplayerMatch10.5_6.0.12.1069
OR
realnetworksrealplayerMatch10.5_6.0.12.1235
VendorProductVersionCPE
realnetworksrealplayer10.0cpe:2.3:a:realnetworks:realplayer:10.0:*:*:*:*:*:*:*
realnetworksrealplayer10.5_6.0.12.1040cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1040:*:*:*:*:*:*:*
realnetworksrealplayer10.5_6.0.12.1053cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1053:*:*:*:*:*:*:*
realnetworksrealplayer10.5_6.0.12.1056cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1056:*:*:*:*:*:*:*
realnetworksrealplayer10.5_6.0.12.1059cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1059:*:*:*:*:*:*:*
realnetworksrealplayer10.5_6.0.12.1069cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1069:*:*:*:*:*:*:*
realnetworksrealplayer10.5_6.0.12.1235cpe:2.3:a:realnetworks:realplayer:10.5_6.0.12.1235:*:*:*:*:*:*:*

Related

nessus 5
cvelist 3
nvd 3
checkpoint_advisories 1
securityvulns 2
exploitdb 1
debian 2
osv 1
openvas 2
cve 2
ubuntucve 1
redhat 2
centos 1
nessus
nessus
RealPlayer for Windows Multiple Overflows
2005-11-11 00:00:00
Debian DSA-915-1 : helix-player - buffer overflow
2006-10-14 00:00:00
CentOS 4 : Helix / Player (CESA-2005:788)
2007-01-08 00:00:00
cvelist
cvelist
CVE-2005-3677
2005-11-18 23:00:00
CVE-2005-2630
2005-11-18 23:00:00
CVE-2005-2629
2005-11-18 23:00:00
nvd
nvd
CVE-2005-3677
2005-11-18 23:03:00
CVE-2005-2630
2005-11-18 23:03:00
CVE-2005-2629
2005-11-18 23:03:00
checkpoint_advisories
checkpoint_advisories
RealNetworks RealPlayer Zipped Skin File Buffer Overflow (CVE-2005-2630)
2010-07-26 00:00:00
securityvulns
securityvulns
[EEYEB-20050510] - RealPlayer Data Packet Stack Overflow
2005-11-11 00:00:00
[EEYEB-20050701] - RealPlayer Zipped Skin File Buffer Overflow II
2005-11-11 00:00:00
exploitdb
exploitdb
RealNetworks RealOne Player/RealPlayer - '.RM' Local Stack Buffer Overflow
2005-11-10 00:00:00
debian
debian
[SECURITY] [DSA 915-1] New helix-player packages fix arbitrary code execution
2005-12-02 06:35:30
[SECURITY] [DSA 915-1] New helix-player packages fix arbitrary code execution
2005-12-02 06:35:30
osv
osv
helix-player - buffer overflow
2005-12-02 00:00:00
openvas
openvas
Debian Security Advisory DSA 915-1 (helix-player)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-915-1)
2008-01-17 00:00:00
cve
cve
CVE-2005-2630
2005-11-18 23:03:00
CVE-2005-2629
2005-11-18 23:03:00
ubuntucve
ubuntucve
CVE-2005-2629
2005-11-18 00:00:00
redhat
redhat
(RHSA-2005:788) HelixPlayer security update
2005-09-27 00:00:00
(RHSA-2005:762) RealPlayer security update
2005-09-27 00:00:00
centos
centos
HelixPlayer security update
2005-09-27 22:04:42

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.458

Percentile

97.4%

JSON
Related for CVE-2005-3677
nessus5cvelist3nvd3checkpoint_advisories1securityvulns2exploitdb1debian2osv1openvas2cve2ubuntucve1redhat2centos1